Page MenuHomePhabricator

Files does not serve HTTP "Content-Range" requests correctly if the underlying blob data is encrypted
Closed, ResolvedPublic

Description

See T12078 for an example. Serving these files works for me on Phacility test instance and local sandbox, but not here on secure.

Event Timeline

Why do you expect mov's to work? To my knowledge, this server isn't configured to support them.

And I think most people can't play them.

I expect it to work, because it looks like it is supposed to:

pasted_file (606×1 px, 89 KB)

My expectation per Contributing Bug Reports is people submit bug reports they see on their real install. Otherwise we have no idea now to prioritize if something happened here testing vs. something people really hit in day to day use. Filing it here also means an upstream developer must respond to it.

Anywho, I can't reproduce this in a local sandbox or on Phacility, so assume something is hokey with how files are served maybe in secure.

chad renamed this task from Embedding mov doesn't work? to Embedding mov doesn't work on secure.phabricator.com.Jan 8 2017, 1:47 AM
chad updated the task description. (Show Details)
chad added a project: Public & Media Relations.

My misunderstanding on this btw, I assumed mov was an option, not a default.

@epriestley maybe also related? Some files are just missing in Conpherence now.

pasted_file (800×856 px, 58 KB)

ok forget it. works fine in other browser.

.mov thing is likely an interaction between range requests and encryption. It works for me in Firefox. It only affects media files for installs which have configured file encryption and there's no data corruption/loss so I don't plan to get to it for a while unless a real install hits it.

Specifically, here's what I believe the bug is, in rough terms that probably get some specifics wrong:

  • Browsers can send request with a Give-Me-These-Bytes: 1000-2000 header. They don't normally do this, but can for media.
  • When they do, Files accesses the underlying chunks and returns an iterator which yields only that range, so we can retrieve 100 bytes of a 100MB file without having to process the whole thing.
  • If those blobs are encrypted, decryption then applies.
  • This will always fail, since you can't start decrypting a stream midway through.

Instead, the lower-level slicing needs to slice things into "decryptable-unit" chunks, and the byte-by-byte slicing has to happen after decryption.

This only applies to installs that have configured encryption (rare, but this install is one) and normally only to embedded media files (also relatively rare).

I'm not sure this is actually the problem:

  • The file plays fine when the whole thing is downloaded, which points at a Give-Me-These-Bytes issue.
  • However, I couldn't immediately find any smoking guns in the logs from cursory inspection. Some other unrelated warnings are cluttering them up a bit, though, so this isn't too meaningful.
epriestley renamed this task from Embedding mov doesn't work on secure.phabricator.com to Files does not serve HTTP "Content-Range" correctly if the underlying blob data is encrypted.Jan 8 2017, 9:42 PM
epriestley renamed this task from Files does not serve HTTP "Content-Range" correctly if the underlying blob data is encrypted to Files does not serve HTTP "Content-Range" requests correctly if the underlying blob data is encrypted.
epriestley triaged this task as Low priority.

The video in T12078 now plays correctly for me so I think this is, in fact, resolved.